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METHOD AND APPARATUS FOR PROXY SERVER COOKIES 

BACKGROUND OF THE INVENTION 

The present invention relates generally to a Web technology and more 
particularly to methods and apparatus for proxy server cookies. 
5 Cookies have been used in the World Wide Web (Web) to track a visitor's 

session state. However, many browsers running on devices with limited memory 
capacity do not or cannot accept cookies. Also, for privacy reasons, many browsers 
also disable cookie handling mechanisms of their browsers. As a result, these browsers 
cannot access web pages that mandate cookie handling. 
10 Thus there is a need for an alternative method to handle cookies in the Web. 



SUMMARY 

The present invention is on methods and apparatus that can handle cookies for 
15 devices with limited memory capacity. 

In one embodiment, this is done by a server, which centralizes cookie handling 
for browsers on a number of clients. Not only does the invention solve the problems 
of browsers that cannot handle cookies, the invention also protects the privacy of 
surfers by hiding their identities. 

20 

DETAILED DESCRIPTION OF THE INVENTION 

One embodiment of the present invention is based on the concept of dynamic 
session, which starts when a browser sends a fresh request to a proxy server to access 
25 information on the Web. 

In the present invention, the Web is defined as a network of computers that 
publish information using a standard protocol, such as HTTP, FTP or TCP/IP. A 
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dynamic session is defined as a request that the proxy server has no prior memory of. 

When a new session is started, a unique session id can be generated. Within 
the same session, all embedded links in the response page can then be stamped with the 
5 same session id. A sessioned request is defined as a request that has session id 
information in addition to the request itself. The proxy server can relate a sessioned 
request to a session via the session id. The session continues as long as the user stays 
in the links of the first page or pages generated from links in the first page. A session 
expires when its age reaches the lifetime set by the server. The session lifetime can be 
10 configurable through a configuration parameter. Due to the dynamic nature of the 
session, users do not have to log into the proxy server that provides centralized cookie 
handling services. Same user can start multiple sessions at the same time. 

In one embodiment, a client sends a fresh request for a particular URL to the 
proxy server. The proxy server first checks the request header to determine whether 
15 the browser of the client is capable of handling cookies. If the browser accepts 
cookies, and if the browser does not intend to disable cookie-handling capabilities, the 
proxy server would not provide cookie service. Otherwise, the proxy server first 
generates a session id to identify the new session. 

The proxy server then sends the request to the targeted external web site to get 
20 the corresponding page. After getting the response page, the proxy server first strips 
off any cookies set by the external web site from the response header. The cookies, 
owned by a particular session and identified by the session id, are typically stored in 
a cookie repository for subsequent requests within the session. 

In one embodiment, the session id, or its encoded or encrypted version, is in 
25 a configuration of a URL, or an address the web browser recognizes. 

The proxy server then appends the session id or its encoded or encrypted 
version to all of the links embedded in the response page. Then, the proxy server 
sends the modified response page, with the new header, to the corresponding client. 
In one embodiment, when a sessioned request is received, the proxy first 
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retrieves and stripes off the session id from the request URL. The session id and the 
URL are then used to retrieve the cookies from the cookie repository. The proxy then 
uses the cookies retrieved to generate a cookie header. The new cookie header is then 
appended to the original request header. The session information is removed from the 
5 URL. The request is then sent to the external web site to fetch the page. After 
receiving the page from the external web site, the same procedure as that of handling 
a fresh request is used to process the header and the page. 
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CLAIMS 

1 . A method to handle cookies in a response Web page requested by a client 
comprising the steps of: 

generating a session id to identify a new session; 

striping off any cookies set by an external web site from the response header 
of the response Web page; 

appending the session id to all of the links embedded in the response page; and 
sending the modified response page, with the new header, to the client. 
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